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DETAILED ACTION 
Claim Rejections - 35 USC §112 

1 . Examiner withdraws 1 12 first paragraph rejection based on the following 
statement from the applicant on page 12 of the remarks filed on 9/18/2007. 

"Applicant submits that these definitions enable one in the ordinary skill in the art to see 
the similarities and differences among community sets generally and a UCS, and ACS, 
and an OCS in particular, as well as enabling one of ordinary skill in the art to apply 
these terms in the currently claimed invention." 

2. In light of the amendments made by the applicant examiner withdraws 112 
second rejection. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-6, 9-15, 17-23, 25-31 & 34 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Miller (U.S. 5,265,221) and Belani et al (U.S. 6,772,350). 
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5. As per claims 1 , 10, 18 & 26 Miller disclosed a computer system comprising: a 
Multi-community Node (MCN) comprises: a community information base (CIB), wherein 
said CIB (col.2, lines 42-47) includes: a user community ser (UCS) for each user of said 
MCN (col.2, lines 47-52), wherein for a given user and associated UCS, a given 
community is a member of the UCS if the given user is a member of the given 
community (col.4, lines 57-67 & col. 5, lines 1-20); an application community set (ACS) 
for each application on said MCN, wherein for a given application and associated ACS, 
a given community is a member of the ACS if the given application runs on behalf of a 
user in the given community (col. 5, lines 22-62); and an object set (OCS) (col.1, lines 
30-35) for each object residing within said MCN (col.2, lines 52-62), wherein each OCS 
is included in an ACS of a process which created it (col. 5, lines 22-62); a processing 
unit configured to receive a request for access to an object; consult said CIB responsive 
to said request; permit access to said object in response to detecting said request is 
from a first user; and a UCS of the first user is a superset of an object community set 
(OCS) of said object (col.4, lines 56-67 & col. 5, lines 1-20); deny access to said object 
in response to detecting : said request is from the first user; and a UCS of the first is not 
a superset of the an OCS of said object (col.2, lines 23-36): permit access to said object 
in response to detecting: said request is from a process; and an ACS said process is a 
superset of said OCS (col. 5, lines 39-62); and deny access to said object in response to 
detecting: said request is from said process; and an ACS of said process is not a 
superset of an OCS of said object; wherein a given OCS comprises a first set of 



Application/Control Number: 09/981 ,608 Page 4 

Art Unit: 2143 

communities, a given UCS is a superset of the given OCS if at least all of the set of 
communities are also included in the given UCS, and a given ACS is a superset of the 
given OCS if at least all of the first set of communities are also included in the ACS 
(col.2, lines 23-62). However Miller did not explicitly disclose a computer network 
coupled to the Multi-community node (MCN). 

In the same field of endeavor Belani disclosed a computer network : and a multi- 
community node (MCN) coupled to said computer network (col.4, lines 34-38). 
At the time the invention was made it would have been obvious to one in the ordinary 
skill in the art to incorporate a connection to computer network as disclosed by Belani to 
a computer system of Miller in order to make the computer system more versatile and 
scalable by having multiple clients/users connect to the system from various locations. 

6. As per claims 2, 11, 1 9 & 27 Miller-Belani disclosed the method of claim 1 , 
wherein said object is an operating system controlled resource (Miller, col.1, lines 30-34 
& col.2, lines 23-27). 

7. As per claims 3, 12, 20 & 28 Miller-Belani disclosed the method of claim 2, 
wherein said object is selected from the group consisting of a file system, a storage 
volume, a directory, a file, a record, a memory region, a queue, a pipe, a socket, a port, 
or an input/output device (Miller, col.1 , lines 30-34). 
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8. As per claims 4, 13,21 & 29 Miller-Belani disclosed the method of claim 1, 
wherein the initial owner of said object is the creator of said object (Miller, col. 5, lines 
39-62). 

9. As per claims 5, 14, 22 & 30 Miller-Belani disclosed the method of claim 1 , 
further comprising permitting an owner of said object to designate a first user as a new 
owner of said object, in response to detecting a UCS of said first user is a superset of 
said OCS (Miller, col. 5, lines 39-62). 

10. As per claims 6, 15, 23 & 31 Miller-Belani disclosed the method of claim 1, 
further comprising allowing a first process to change said OCS of said object to a subset 
of said ACS of said first process, in response to detecting an owner of said first process 
is an owner of said object and said ACS is a superset of said OCS (Miller, col. 5, lines 
39-62). 

11. As per claims 9, 1 7, 25 & 34 Miller-Belani disclosed the method of claim 8, 
wherein said CIB further includes a creator and a current owner for each object residing 
within said MCN (Miller, col. 5, lines 39-62). 
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Response to Arguments 

12. Applicant's arguments filed 8/16/2007 have been fully considered but they are 
not persuasive. 

13. Applicant argued that the prior art does not teach the limitations in the current 
independent claims. 

14. Since the applicant has used specific terminologies in the claims, the examiner in 
order to clarify the rejection and interpretation of the claims has shown these 
terminologies as defined by the applicant in the specification. 

Community Information Base (CIB) = Maintains associations between objects, users 
and processes (Page. 5 of applicant's specification). 

User Community Set (UCS) = each user has a UCS which may be configured by a 
trusted administrator into a database of user profiles (page. 25, lines 11-12). 

Object Community set (PCS) = Object may include file systems, storage volumes, 
directories, files, memory regions, queues, pipes, sockets, input/output devices, or other 
operating system controlled resources. Associated with each object is an OCS. Objects 
are generally created by processes running on behalf of users. The objects' creator is a 
user or user role on whose behalf the process that creates an object is running. In 
addition to a creator, each object has an owner. An object's owner may initially be the 
user who created the object. The owner may assign another user as owner. A user may 
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become an object owner if that user's UCS includes the OCS of the object. An object's 
OCS is initially set by its creator (via a process running on behalf of the creator) and 
must be included within the UCS of its creator and within the ACS of the process, which 
created it (page.25, lines 17-26 of applicant's specification). 

Application Community set (ACS) = each application process has an ACS. An 
application process' ACS is initially set by the user who invoked it and may default to 
the UCS of the invoker (page.25 of applicant's specification). 

15. Claim interpretation: 

A computer system comprising: a Multi-community Node (MCN) comprises: a 
community information base (CIB) wherein said CIB (col.2, lines 32-47) {Miller 
describes access control mechanisms, that grant, revoke any deny authorization to 
entities allowing easy implementation of separation of duties I.E it has an association 
table or matrix through with it can determine which entity has what level of access} 
includes: a user community ser (UCS) for each user of said MCN (col.2, lines 47-52) 
{ Miller further elaborates on the access mechanism by disclosing a matrix that contains 
user attributes pertaining to each user A.K.A rules names with their associated Boolean 
expressions} also discloses that ; an application community set (ACS) for each 
application on said MCN; and an object set (OCS) for each object (Please read col.1 , 
lines 30-35 and compare it with the definition of an object in the specification) residing 
within said MCN (col.2, lines 52-62); a processing unit configured to receive a request 
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for access to an object; consult said CIB responsive to said request; permit access to 
said object in response to detecting said request is from a user; and a UCS of said user 
is a superset of an object community set (OCS) of said object (col.4, lines 56-67 & col. 5, 
lines 1-20) { Miller discloses that security policies are concerned not only with which 
subject may obtain access to which objects, but also with the granting, revoking and 
denying of authorizations to and from users and groups. Given the set of authorizations 
for users and groups, some rules must be applied for deriving authorization for subjects. 
In general case, user may belong to more than one group. In assigning privileges to 
subjects acting on behalf of a user, one can choose to: 1 . Have the subject operate with 
the union of privileges of all groups (Superset) to which the user belongs, as well as all 
his or her individual privileges. 2. Have the subject operate with the privilege of only one 
group at a time; 3. Allow the subject to choose to operate with its user's privileges or 
with the privileges of one of the groups to which its user belongs; and implement some 
other policy}; permit access to said object in response to detecting: said request is from 
a process; and an ACS said process is a superset of said OCS (col.5, lines 30-35 & 39- 
62) {Miller also discloses that user's access rights are also application dependent and 
the owner or multiple owner may have rights to delete and modify an object I.E in order 
to perform such actions the user has to access the object by a certain process that 
originally created that object}. 

16. Additionally applicant is advised that when reviewing a reference the applicants 
should remember that not only the specific teachings of a reference but also reasonable 
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inferences which the artisan would have logically drawn therefrom may be properly 
evaluated in formulating a rejection. In re Preda, 401 F. 2d 825, 159 USPQ 342 (CCPA 
1968) and In re Shepard, 319 F. 2d 194, 138 USPQ 148 (CCPA 1963). Skill in the art is 
presumed. In re Sovish, 769 F. 2d 738, 226 USPQ 771 (Fed. Cir. 1985). Furthermore, 
artisans must be presumed to know something about the art apart from what the 
references disclose. In re Jacoby, 309 F. 2d 513, 135 USPQ 317 (CCPA 1962). The 
conclusion of obviousness may be made from common knowledge and common sense 
of a person of ordinary skill in the art without any specific hint or suggestion in a 
particular reference. In re Bozek, 416 F.2d 1385, 163 USPQ 545 (CCPA 1969). Every 
reference relies to some extent on knowledge of persons skilled in the art to 
complement that is disclosed therein. In re Bode, 550 F. 2d 656, 193 USPQ 12 (CCPA 
1977). 

17. Applicant argued that Miller does not disclose the amended claim limitations. 
As to applicant's argument examiner has cited portions for miler that anticipates 
applicant's amended limitations. 

1 8. Applicant argued that Miller fails to disclose access control to objects from 
processes. 

As to applicant's argument Miller disclosed that it is probably an application -dependent 
choice whether an object can have more than one owner. Ownership policies are 
sometimes implemented so that only the owner of an object has the right to (through a 
process) delete or modify the object. 
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Conclusion 

THIS ACTION IS MADE FINAL Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Asghar Bilgrami whose telephone number is 571-272- 
3907. The examiner can normally be reached on 9-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David Wiley can be reached on 571-272-3924. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




